https://www.youtube.com/watch?v=DDAHORVzQ5g
Погнали

Today... I was mental fired in my current project (4year development angular (4 portals) + nx + nest)...

Why?

Because managers love AI...

Because AI hate Angular and love React...

Because React love tailwind...

This is why https://lovable.dev/ can easy replace us... Because sugaring is better as "no pain - no gain"



ps: this is not an ads!!! Just my thinking about 2026 perspectives...

‼️ FrontMuc: 2025 wrap-up

> Tuesday, Nov 25 · 6:30 PM to 9:30 PM MEZ
> Celonis SE
> Theresienstraße 6, 80333, Munich, Germany


18:30 to 19:00 check-in/registration, food, drinks, kindly offered by our host.

19:05 - 19:10 Welcome words by Uliana and Celonis Team.

19:15 Talk 1: Lukas Heddendorp, Sr. Frontend Engineer @Celonis Labs
Title: I Gave an AI my Figma File, and All I Got Was This Lousy 'div'

19:45 Talk 2: Syed Iqrar Raza Zaidi, Principal Engineer - Frontend, Tamara
Title: Scalable Frontend Architecture

20:15 - 20:25 Break
20:25 Talk 3: Nikolay Vitkov, Software Engineer at Chrome DevTools Team @Google
Title: Chrome DevTools MCP

20:30 - 21:00 Talk 4 Hayk Yaghubyan, Lead Software Engineer at casavi GmbH
Title: Building a Frontend Design System That Scales

21:30 - Closing of the event, Networking (15-20 min)

RSVP

#meetup #frontmuc #frontmucmeetup

UPS… I’m to early

Let start 🫶🤘

‼️ WebStorm 2025.2.5 (252.28238.10 build) Release

```
[🐛][Built-in Formatter] - Formatter: Angular HTML template references produce line breaks

[🐛][Code vision, Inlay hints] - Angular: Misaligned inlay hints when using $any()

[Usability] - Add option to disable Angular navigation popup
```

Full Release Notes

Missed out on angular’s v21 Developer Event?

Here’s an infographic summary, c/o GoogleAI’s Nano Banana Pro.

🚨 XSRF Token Leakage via Protocol-Relative URLs in Angular HTTP Client

‼️ Package » @angular/common
‼️ Severity » High (7.7/10)

The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain.

Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header.

Affected versions                  Patched versions
>=21.0.0-next.0 < 21.0.1           21.0.1
>=20.0.0-next.0 < 20.3.14         20.3.14
>=19.0.0-next.0 < 19.2.16        19.2.16
<= 18.2.14                                   none

Workarounds

Developers should avoid using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.

Link

Again...

‼️ Shai-Hulud Returns: Over 300 NPM Packages Infected

- https://helixguard.ai/blog/malicious-sha1hulud-2025-11-24
- https://www.koi.ai/incident/live-updates-sha1-hulud-the-second-coming-hundred-npm-packages-compromised

#security #npm

ooooooo dependaaaabooooottttt.....

😂😂😂😂😂😂

but I don't have bugs in my ng app ))

I'm so happy!!!

Thank you @arctic_tempest!

#ai

‼️ Angular - prevent XSS via SVG animation attributeName and MathML/SVG URLs

Fixed in:
> 21.0.2
> 20.3.15
> 19.2.17

#security #angular21 #angular20 #angular19

Ready??? 👆🏻👆🏻👆🏻👆🏻👆🏻

Uff... what the evening... We are survived! 😂